Bug 1896976 - [abrt] renderdoc: rdcarray<SDObject*>::size(): qrenderdoc killed by SIGSEGV
Summary: [abrt] renderdoc: rdcarray<SDObject*>::size(): qrenderdoc killed by SIGSEGV
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: renderdoc
Version: 35
Hardware: x86_64
OS: Unspecified
Target Milestone: ---
Assignee: Christian Kellner
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:e6a5e5346932642e64075973708...
Depends On:
Blocks:
Reported: 2020-11-12 00:24 UTC by James Legg
Modified: 2021-11-14 04:06 UTC

Fixed In Version: renderdoc-1.16-1.fc34 renderdoc-1.16-1.fc35
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-11-14 03:43:41 UTC
Type: ---
Embargoed:


Attachments
File: backtrace (94.51 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: core_backtrace (2.04 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: cpuinfo (2.37 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: dso_list (5.06 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: environ (1.96 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: exploitable (82 bytes, text/plain)
2020-11-12 00:24 UTC, James Legg
File: limits (1.29 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: maps (32.29 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: mountinfo (2.54 KB, text/plain)
2020-11-12 00:24 UTC, James Legg
File: open_fds (364 bytes, text/plain)
2020-11-12 00:24 UTC, James Legg
File: proc_pid_status (1.33 KB, text/plain)
2020-11-12 00:24 UTC, James Legg

Description James Legg 2020-11-12 00:24:19 UTC
Description of problem:
qrenderdoc reliably crashes on launch.

It creates a file in /tmp/RenderDoc/ with contents like the following:
RDOC 018941: [23:39:18]             core.cpp( 418) - Log     - RenderDoc v1.8 Linux 64-bit Release (NO_GIT_COMMIT_HASH_DEFINED) loaded in replay application
RDOC 018941: [23:39:18]         settings.cpp( 459) - Log     - Loading config from /home/jlegg/.renderdoc/renderdoc.conf

I didn't have a ~/.renderdoc/renderdoc.conf file, and creating an empty one does not stop qrenderdoc from crashing. From strace I don't see any other user specific configuration files accessed.

I think this looks like a static initialisation order problem in librenderdoc.so. If I run "gdb /usr/bin/true", at the gdb prompt enter "set exec-wrapper env 'LD_PRELOAD=/usr/lib64/renderdoc/librenderdoc.so'" and "run", then I see a similar crash.

Version-Release number of selected component:
renderdoc-1.8-4.fc33

Additional info:
reporter:       libreport-2.14.0
backtrace_rating: 3
cgroup:         0::/user.slice/user-1000.slice/user/app-gnome-renderdoc-18941.scope
cmdline:        qrenderdoc
crash_function: rdcarray<SDObject*>::size
executable:     /usr/bin/qrenderdoc
journald_cursor: s=c99270b8bbc2408bae1ee120b57fe4ae;i=585d4;b=a6e6e98a09cd4bd58fc6b23945957609;m=25056a9bf;t=5b3dd4dd5da57;x=9238f1fd6053c88e
kernel:         5.8.18-300.fc33.x86_64
rootdir:        /
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 rdcarray<SDObject*>::size at /usr/src/debug/renderdoc-1.8-4.fc33.x86_64/renderdoc/core/settings.cpp:270
 #1 SDObject::NumChildren at /usr/src/debug/renderdoc-1.8-4.fc33.x86_64/renderdoc/api/replay/structured_data.h:488
 #2 MergeConfigValues at /usr/src/debug/renderdoc-1.8-4.fc33.x86_64/renderdoc/core/settings.cpp:274
 #3 RenderDoc::ProcessConfig at /usr/include/bits/string_fortified.h:71
 #4 RenderDoc::Initialise at /usr/src/debug/renderdoc-1.8-4.fc33.x86_64/renderdoc/core/core.cpp:458
 #5 _sub_I_65535_0.0 at /usr/src/debug/renderdoc-1.8-4.fc33.x86_64/renderdoc/api/replay/rdcarray.h:148
 #6 call_init at dl-init.c:74
 #8 _dl_init at dl-init.c:121
 #9 _dl_start_user
 #10 ??

Comment 1 James Legg 2020-11-12 00:24:24 UTC
Created attachment 1728559 [details]
File: backtrace

Comment 2 James Legg 2020-11-12 00:24:26 UTC
Created attachment 1728560 [details]
File: core_backtrace

Comment 3 James Legg 2020-11-12 00:24:27 UTC
Created attachment 1728561 [details]
File: cpuinfo

Comment 4 James Legg 2020-11-12 00:24:28 UTC
Created attachment 1728562 [details]
File: dso_list

Comment 5 James Legg 2020-11-12 00:24:30 UTC
Created attachment 1728563 [details]
File: environ

Comment 6 James Legg 2020-11-12 00:24:31 UTC
Created attachment 1728564 [details]
File: exploitable

Comment 7 James Legg 2020-11-12 00:24:32 UTC
Created attachment 1728565 [details]
File: limits

Comment 8 James Legg 2020-11-12 00:24:34 UTC
Created attachment 1728566 [details]
File: maps

Comment 9 James Legg 2020-11-12 00:24:36 UTC
Created attachment 1728567 [details]
File: mountinfo

Comment 10 James Legg 2020-11-12 00:24:37 UTC
Created attachment 1728568 [details]
File: open_fds

Comment 11 James Legg 2020-11-12 00:24:38 UTC
Created attachment 1728569 [details]
File: proc_pid_status

Comment 12 Ben Cotton 2021-11-04 17:19:14 UTC
This message is a reminder that Fedora 33 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora 33 on 2021-11-30.
It is Fedora's policy to close all bug reports from releases that are no longer
maintained. At that time this bug will be closed as EOL if it remains open with a
Fedora 'version' of '33'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 33 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged to change the 'version' to a later Fedora 
version prior to this bug being closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Comment 13 James Legg 2021-11-06 02:48:27 UTC
I get a different backtrace with qrenderdoc (or /usr/bin/true with librenderdoc.so preloaded) when using renderdoc-1.10-4.fc35, but the effect is similar:

#0  rdcstr::assign (in=..., this=0x7fffffffd550) at /usr/src/debug/renderdoc-1.10-4.fc35.x86_64/renderdoc/api/replay/rdcstr.h:128
#1  rdcstr::rdcstr (in=..., this=0x7fffffffd550) at /usr/src/debug/renderdoc-1.10-4.fc35.x86_64/renderdoc/api/replay/rdcstr.h:241
#2  rdclog_filename (filename=0x113b9f0 "/tmp/RenderDoc/RenderDoc_2021.11.06_02.37.53.log")
    at /usr/src/debug/renderdoc-1.10-4.fc35.x86_64/renderdoc/common/common.cpp:262
#3  0x00007ffff3cdb0d1 in RenderDoc::Initialise (this=0x7ffff4aac260 <_ZZN9RenderDoc4InstEvE8realInst.lto_priv.0>)
    at /usr/src/debug/renderdoc-1.10-4.fc35.x86_64/renderdoc/core/core.cpp:410
#4  0x00007ffff3ce437f in _sub_I_65535_0.0 () from /usr/bin/../lib64/renderdoc/librenderdoc.so
#5  0x00007ffff7fdb72e in call_init (env=0x7fffffffdb78, argv=0x7fffffffdb68, argc=1, l=<optimized out>) at dl-init.c:70
#6  call_init (l=<optimized out>, argc=1, argv=0x7fffffffdb68, env=0x7fffffffdb78) at dl-init.c:26
#7  0x00007ffff7fdb81c in _dl_init (main_map=0x7ffff7ffe1e0, argc=1, argv=0x7fffffffdb68, env=0x7fffffffdb78) at dl-init.c:117
#8  0x00007ffff7fcc0ca in _dl_start_user () from /lib64/ld-linux-x86-64.so.2

rdclog_filename dereferences global variable logfile, declared in common.cpp, which doesn't appear to have been statically initialised yet, and is still null.
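
The failure mode diagnosed in the comment above, as an added example that is not RenderDoc's code and not part of the original report: a startup object's constructor runs before a global pointer's dynamic initializer, so the pointer is still zero-initialized. All names (`LogFile`, `g_logfile`, `EarlyInit`, `logfile_on_first_use`) and paths are hypothetical; one file with a fixed definition order stands in for the cross-file case, where the order is unspecified, and the construct-on-first-use accessor is a common remedy, not necessarily the fix shipped in renderdoc-1.16.

```cpp
#include <cstdio>
#include <string>

struct LogFile { std::string path; };

// Stand-in for the global the comment calls `logfile`: declared here, defined
// (with a dynamic initializer) further down, as if in another source file.
extern LogFile *g_logfile;

// Construct-on-first-use: the function-local static is built the first time
// the accessor is called, so it is valid even during static initialization.
LogFile &logfile_on_first_use()
{
  static LogFile inst{"/tmp/example/constructed.log"};  // constructed sample path
  return inst;
}

static bool g_saw_null = false;   // constant-initialized, safe to write early
static std::string g_early_path;  // defined before g_early, so it is built first

// Stand-in for a library startup object whose constructor runs from the
// loader's init path (the _sub_I_... / call_init frames in the backtraces).
struct EarlyInit
{
  EarlyInit()
  {
    // g_logfile is only zero-initialized at this point. Dereferencing it
    // here would be the SIGSEGV; this example records the state instead.
    g_saw_null = (g_logfile == nullptr);
    g_early_path = logfile_on_first_use().path;
  }
};
static EarlyInit g_early;

// Dynamic initializer: runs after g_early's constructor in this file.
LogFile *g_logfile = new LogFile{"/tmp/example/global.log"};

bool early_saw_null() { return g_saw_null; }
std::string early_path() { return g_early_path; }

int main()
{
  std::printf("global null during early init: %s\n", early_saw_null() ? "yes" : "no");
  std::printf("first-use accessor returned: %s\n", early_path().c_str());
  std::printf("global valid in main: %s\n", g_logfile ? "yes" : "no");
  return 0;
}
```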

Comment 14 Fedora Update System 2021-11-06 22:45:08 UTC
FEDORA-2021-553479d048 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-553479d048

Comment 15 Fedora Update System 2021-11-06 22:45:09 UTC
FEDORA-2021-d8b7af4c6e has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-d8b7af4c6e

Comment 16 Fedora Update System 2021-11-07 02:09:56 UTC
FEDORA-2021-d8b7af4c6e has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-d8b7af4c6e`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-d8b7af4c6e

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 17 Fedora Update System 2021-11-07 02:16:13 UTC
FEDORA-2021-553479d048 has been pushed to the Fedora 34 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-553479d048`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-553479d048

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 18 Fedora Update System 2021-11-14 03:43:41 UTC
FEDORA-2021-553479d048 has been pushed to the Fedora 34 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 19 Fedora Update System 2021-11-14 04:06:59 UTC
FEDORA-2021-d8b7af4c6e has been pushed to the Fedora 35 stable repository.
If the problem still persists, please make note of it in this bug report.

